<?php

//后台的配置文件
include(dirname(__FILE__).'/config.php');
//include(dirname(__FILE__).'/../Inc/tree.class.php');



$dopost = isset($_REQUEST['dopost']) ? trim($_REQUEST['dopost']) : '';


if( $dopost == 'save' ){
	$post = $_POST;

	if($post['id'] != $_SESSION['admin']['id']){ die('{"ret":999,"msg":"数据错误！！！","url":"?t='.time().'"}') ;}


	//验证两次密码是否一致
	if( $post['password'] != $post['password2'] ){ die('{"ret":999,"msg":"两次密码不一致！！！","url":"?t='.time().'"}') ;}

	//验证原始密码
	$rs = dbRow("select * from `admin` where id = '{$post['id']}'");
	$md5_password_old = md5($post['password0']);
	$md5_password_new = md5($post['password']);


	if ($rs['password'] != $md5_password_old ){ die('{"ret":999,"msg":"原始密码不正确！！！","url":"?t='.time().'"}') ;}


	$art = array();
	$art['password'] =  $md5_password_new ;
	$rs = dbUpdate('admin', $art , " id = '{$post['id']}'" );

	if($rs){

		die('{"ret":0,"msg":"修改成功！！！","url":"?t='.time().'"}') ;
	}else{

		die('{"ret":999,"msg":"修改失败！！！","url":"?t='.time().'"}') ;
	}

	
//***************************************************************
}else{


	$art = dbList("select * from `config` where 1 order by id asc");
	$cfg = array();
	foreach($art as $k=>$v){
		$cfg[ $v['varname'] ] = $v['value'];
	}

	include('temp/upt_password.php');

}



